Researchers published a Proof-of-Concept (PoC) of a series of VMware vRealize Log Insight vulnerabilities to show that attackers could exploit the flaws to perform Remote Code Execution (RCE) as root. VMware recently provided patches and workarounds for…

According to a new report from Sysdig, security teams are facing a large number of container vulnerabilities due to the nature of modern software design and the sharing of open-source images. Based on real-world data sets encompassing billions of…

Computer scientists at Sandia National Laboratories have been developing an innovative computer model to help grid operators quickly restore power to the grid following disruptions such as a successful cyberattack or other extreme weather events. This…

According to the World Economic Forum (WEF), cybercrime has become the world's third-largest economy, following the US and China. Cybercrime is estimated to cost $8 trillion globally in 2023 and $10.5 trillion in 2025, according to Cybersecurity Ventures…

With the rise of supply chain attacks, the security of suppliers, clients, and business partners is under increased scrutiny.  This led security rating provider SecurityScorecard and the Cyentia Institute to investigate organizations' worldwide…

Security researchers at Abnormal Security have warned of a highly successful new business email compromise (BEC) group that has targeted hundreds of victims in the past two years using fairly unsophisticated techniques.  Dubbed “Firebrick Ostrich,”…

According to researchers at Chainalsyis, hackers stole $3.8 billion from crypto investors in 2022, a 13% increase from 2021 and marking a new all-time high for the annual theft of digital coins.  This rise in crypto hacks is just the latest…

LockBit ransomware operators have introduced a new version of their malware called LockBit Green, which targets cloud-based services. After LockBit Red and LockBit Black, this is the third version of ransomware created by the gang. Affiliates of the…

Tens of thousands of QNAP Network-Attached Storage (NAS) devices are awaiting a patch for a recently addressed critical security vulnerability. This SQL injection vulnerability can be used by remote threat actors to inject malicious code in attacks…

The Brazilian threat actors behind Prilex, a sophisticated and modular point-of-sale (POS) malware, have reemerged with new updates that enable it to prevent contactless payment transactions. Researchers identified three variants of Prilex that can…

More than 200,000 people are being notified by the Indianapolis Housing Agency about their information being compromised during a ransomware attack that began in September. The organization provides housing to low-income Indianapolis residents. It…

According to an Information Services Group (ISG) report, the growth in threats to vehicles and industrial Operational Technology (OT) has prompted many companies to invest in advanced technologies and services to improve the security of their assets. In…